SQL Injection Problem
I have a site built in ASP 3.0. I am using ADO.NET for database operations. What I am doing now is using direct queries for database operations. I want to make sure that no one can do any SQL injection, in the sense that no one can use any SQL statement in query parameters. For example, if I have a statement
"select * from tableA where id = " & id
then one can provide id=1;drop table tableB
and that can cause a problem.
Is there any way to detect and block these in code?
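The concatenation pattern from the question next to a validated, parameterized lookup, as an added example that is not part of the original post. It uses Python's built-in sqlite3 as a stand-in for the site's database layer (an assumption; ADO and ADO.NET command objects offer the same parameter binding), and the function names and sample rows are constructed for illustration.

```python
import sqlite3

def make_db():
    """Constructed sample database holding the two tables named in the post."""
    db = sqlite3.connect(":memory:")
    db.executescript(
        "CREATE TABLE tableA (id INTEGER PRIMARY KEY, name TEXT);"
        "CREATE TABLE tableB (id INTEGER PRIMARY KEY);"
        "INSERT INTO tableA VALUES (1, 'alice'), (2, 'bob');"
    )
    return db

def table_exists(db, name):
    """True if a table with this name is present in the database."""
    row = db.execute(
        "SELECT 1 FROM sqlite_master WHERE type = 'table' AND name = ?", (name,)
    ).fetchone()
    return row is not None

def lookup_concatenated(db, raw_id):
    """Pattern from the post: the request value becomes part of the SQL text.
    executescript() stands in for a driver that accepts stacked statements."""
    db.executescript("SELECT * FROM tableA WHERE id = " + raw_id)

def lookup_parameterized(db, raw_id):
    """Check the expected type first, then bind the value as a parameter."""
    # An id must be plain ASCII digits; anything else is rejected before
    # the database is touched.
    if not (raw_id.isascii() and raw_id.isdigit()):
        return None
    # The SQL text is a constant; the value travels separately as data,
    # so it can never be parsed as a statement.
    return db.execute(
        "SELECT id, name FROM tableA WHERE id = ?", (int(raw_id),)
    ).fetchall()

if __name__ == "__main__":
    hostile = "1;drop table tableB"  # the value given in the post

    db = make_db()
    lookup_concatenated(db, hostile)
    print("concatenated: tableB still exists?", table_exists(db, "tableB"))

    db = make_db()
    print("parameterized result:", lookup_parameterized(db, hostile))
    print("parameterized: tableB still exists?", table_exists(db, "tableB"))
    print("normal lookup:", lookup_parameterized(db, "1"))
```

Binding alone already keeps the value out of the SQL text; the digit check in front of it gives a clean rejection that can also be logged as a probable injection attempt.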